package com.example.shiro;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author lyj
 * @Title: ShiroConfig
 * @ProjectName demo
 * @Description: TODO
 * @date 2020/12/3 23:02
 */

@Configuration
public class ShiroConfig {

    /**
     * 创建ShiroFilterFactoryBean
     * @return
     */
    @Bean
   public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager){
       ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();

       //设置安全管理器
       shiroFilterFactoryBean.setSecurityManager(securityManager);


       /**
        * Shiro内置过滤器，可以实现权限相关的拦截器
        * 常用的过滤器：
        *           anon:无需认证（登录）可以访问
        *           authc:必须认证才可以访问
        *           user：如果使用rememberMe的功能可以直接访问
        *           perms:该资源必须得到资源权限才可以访问
        *           role:该资源必须得到角色权限才可以访问
        */
       Map<String,String> filterMap=new LinkedHashMap<>();
        filterMap.put("/toLogin","anon");
        filterMap.put("/login","anon");

        //授权过滤器
        //注意：当前授权拦截后，shiro会自动跳转未授权页面
        filterMap.put("/add","perms[user:add]");
        filterMap.put("/update","perms[user:update]");


       filterMap.put("/*","authc");

       shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);


       //修改跳转的登录页面
       shiroFilterFactoryBean.setLoginUrl("/toLogin");


       //设置未授权提示页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/noAuth");

       return shiroFilterFactoryBean;
   }





    /**
     * 创建DefaultWebSecurityManager
     * @return
     */
    @Bean("securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        //关联realm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    @Bean("userRealm")
    public UserRealm getRealm(){
        return new UserRealm();
    }

    /**
     * 配置shiroDialect，用于thymeleaf和shiro标签配合使用
     */
    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }
}
